CN116032661B - Parallel supervision identity privacy protection method - Google Patents


Info

Publication number
CN116032661B
Authority
CN
China
Prior art keywords
credit
container
supervision
key
signature
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310287885.7A
Other languages
Chinese (zh)
Other versions
CN116032661A (en)
Inventor
胡冰
何艳莹
孙知信
孙哲
曹亚东
宫婧
汪胡青
赵学健
徐玉华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing University of Posts and Telecommunications
Original Assignee
Nanjing University of Posts and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing University of Posts and Telecommunications
Priority to CN202310287885.7A
Publication of CN116032661A
Application granted
Publication of CN116032661B

Classifications

    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00: Reducing energy consumption in communication networks
    • Y02D30/50: Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a parallel supervisable identity privacy protection method. The method comprises: constructing a credit value network from the network nodes, constructing a credit weight election algorithm, and selecting the network nodes that meet the requirements to form a mixing container; electing supervision nodes through a multi-round sorting encrypted lottery mechanism, in which the candidate nodes are sorted over multiple rounds according to the generated credit weights; having the supervision center node initialize the mixing container, and having the transaction sender generate a supervisable hidden address for the receiver; constructing a ring signature scheme based on a credit threshold; proposing a group cooperative commitment and adding distributed blinding factors; and unlocking the mixing container, monitoring the container in the blockchain network with an observation algorithm, and, after the container passes a verification algorithm, packaging the transaction onto the chain. Through the multi-round sorting encrypted lottery mechanism, supervision nodes are elected secretly on the basis of node assets and credit values, and a traceable key image is generated to ensure that transactions can be supervised and the identities of both parties to a transaction can be traced.

Description

Parallel supervision identity privacy protection method
Technical Field
The invention relates to the technical field of identity privacy protection, and in particular to a parallel supervisable identity privacy protection method.
Background
Because blockchains are decentralized, transactions between nodes are public and confirmed by multiple parties, and every node can obtain all transaction information once a block is packaged. Although the identity address of a transacting node is usually replaced by a hash of its public key, the transactions are publicly transparent, so the identities of both parties can still be traced by reconstructing the transaction network structure or by linking the identity of the transaction sender through differing transaction amounts.
Existing blockchain identity privacy protection is mainly achieved through coin mixing, which hides the sender and receiver of a transaction by mixing several transactions together. Coin mixing mechanisms are either centralized or decentralized; the two parties to a transaction do not transfer funds directly, and the original input-output relationship is changed through a trusted third party or through consensus.
In a centralized mixing mechanism, funds are sent to an intermediary node, which splits and redistributes them and sends the specified amount to the recipient. Because the third-party intermediary node holds detailed transaction information, it is very likely to leak it. Decentralized mixing relies primarily on a mixing protocol and needs no intermediary node: all senders sign one transaction, which achieves the obfuscation goal. Monero lets users mix coins with ring signatures, which reduces the risk of privacy leakage for other users taking part in the mixing process, but Monero has a storage problem: the size of each linkable ring signature script is linearly related to the cardinality of the ring. When a user requires high anonymity, the storage cost is high, and no regulatory mechanism is provided. Monero cannot be supervised because the address can only be extracted from mes by the receiver using the public key, so a third-party authority cannot capture the transaction process. A direct way to improve Monero is to construct a linkable ring signature of constant size, which reduces the script size to a constant, and to add supervision nodes through a reliable election method so that the transaction process can be supervised.
The parallel supervisable identity privacy protection method achieves parallel processing by changing the roles in the coin mixing process, which reduces the communication time that multi-level encryption causes to grow linearly with the number of participating nodes. It keeps transactions controllable by adding supervision nodes, keeps the transaction amount private through group cooperative commitments without needing to execute the coin mixing process, and addresses Monero's high latency and storage problems with a constant-size ring signature scheme based on a credit threshold.
Disclosure of Invention
This section is intended to outline some aspects of embodiments of the invention and to briefly introduce some preferred embodiments. Some simplifications or omissions may be made in this section as well as in the description summary and in the title of the application, to avoid obscuring the purpose of this section, the description summary and the title of the invention, which should not be used to limit the scope of the invention.
The present invention has been made in view of the above-described problems occurring in the prior art.
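Therefore, the invention provides a parallel supervisable identity privacy protection method, which addresses the problem that, with conventional block packaging, the identities of both transaction parties can still be traced by reconstructing the transaction network structure or by linking the identity of the transaction sender through differing transaction amounts.
In order to solve the technical problems, the invention provides a parallel supervisable identity privacy protection method, which comprises the following steps:
constructing a credit value network from the network nodes, constructing a credit weight election algorithm, and selecting the network nodes that meet the requirements to form a mixing container; electing supervision nodes through a multi-round sorting encrypted lottery mechanism, in which the candidate nodes are sorted over multiple rounds according to the generated credit weights; having the supervision center node initialize the mixing container, and having the transaction sender generate a supervisable hidden address for the receiver; constructing a ring signature scheme based on a credit threshold; proposing a group cooperative commitment and adding distributed blinding factors; and unlocking the mixing container, monitoring the container in the blockchain network with an observation algorithm, and, after the container passes a verification algorithm, packaging the transaction onto the chain.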
In order to solve the technical problems, the invention provides a parallel supervision identity privacy protection method, which comprises the following steps:
constructing a credit value network through network nodes, constructing a credit weight election algorithm, and selecting network nodes meeting the requirements to form a hybrid container; selecting supervisory nodes by a multi-round sorting encryption lottery mechanism, and sorting the nodes to be selected for multiple rounds according to the generated credit weight; the supervision center node initializes the mixed container, and the transaction sender generates a supervision hidden address for the receiver; constructing a ring signature scheme based on a credit threshold; providing a group cooperative commitment, and adding a scattered blind factor; unlocking the mixed container, monitoring the container in the blockchain network through an observation algorithm, and packaging and trading uplink after verifying the container through a verification algorithm.
As a preferred scheme of the parallel supervisable identity privacy protection method of the invention: the credit weight election algorithm determines a credit weight from the credit values of the nodes participating in transaction distribution in the network, using an improved Pearson correlation function in three-dimensional Euclidean space, and uses the credit weight to elect nodes. The credit weight is calculated as follows:
where α is the node credit value, n is the number of members, β is the user asset, δ is the sample Pearson coefficient, and μ is a correlation coefficient determined by the size of the mixing container; the formula also uses the credit value of node i and the improved Pearson correlation function. The reliability of a supervision node elected according to the credit weight is positively correlated with actual network activity.
As a preferred scheme of the parallel supervisable identity privacy protection method of the invention: the multi-round sorting encrypted lottery encrypts the election result with a result matrix encryption algorithm after each round of sorting by the generated credit weights. The result matrices in the result matrix encryption algorithm are described as follows:
First-round matrix:
Matrix for the subsequent rounds:
where λ is a pseudo-random number, det is the matrix determinant, and m is the election round; the remaining symbol denotes a credit weight.
As a preferred scheme of the parallel supervisable identity privacy protection method of the invention: the hidden address is generated by a credit model based on a covariance matrix, so that the receiver's real public and private keys are not exposed.
As a preferred scheme of the parallel supervisable identity privacy protection method of the invention: unlike a ring signature scheme of fixed linear size, the ring signature scheme based on the credit threshold accumulates the credit weights of the signing members during signing and stops signing once the credit threshold of the mixing container is reached. The transaction sender can hide within a group of senders, a malicious node cannot distinguish the real sender, and the ring signature length and the number of signing rounds are reduced.
As a preferred scheme of the parallel supervisable identity privacy protection method of the invention: the ring signature scheme based on the credit threshold further comprises a commit phase and a verification phase. In the commit phase, the hidden address is generated from the public parameters and the ring signature generation function is called to generate and publish a ring signature. In the verification phase, the verifier finds the shared message submitted by the initiator by searching the published ring signatures and uses its key for further verification; if verify runs successfully, the verifier publishes the ring signature, signed over the initiator's signature. When the total credit value carried by a signature reaches the credit threshold, the ring signature refuses further signing.
As a preferred scheme of the parallel supervisable identity privacy protection method of the invention: generating the group cooperative commitment comprises splitting the transaction amount into shards, the number of shards being equal to the number of members; each member generates a commitment fragment from its shard and its own credit weight and submits it to the supervision node, which generates the final commitment. The group cooperative commitment is produced by the members of the mixing container working together, and the transaction amount is regenerated by the members on the basis of the credit weights produced by the credit weight generation algorithm. The blinding factors are generated by the members in a distributed manner, so if some of the blinding factors leak, the actual transaction amount still cannot be obtained. The group cooperative commitment C is generated as follows:
where V_i is the sharded amount to be committed, r_i is a random number generated by a mixing container member, i+1 ≤ m, G is the base point of the elliptic curve, and H is a point in the cyclic group; the remaining symbol denotes a supervision key fragment in the key pool.
As a preferred scheme of the parallel supervisable identity privacy protection method of the invention: the mixing container is unlocked after all members of the constructed mixing container have carried out the credit-threshold ring signature process and verification of the generated signatures is complete; miners monitor the container in the blockchain network with an observation algorithm and, after verifying the container with a verification algorithm, package the transaction onto the chain; and the supervision node supervises the transaction through a traceable key image.
As a preferred scheme of the parallel supervisable identity privacy protection method of the invention: the traceable key image is generated by combining the user public key with a supervision node key fragment. The supervision key fragment is generated in the key pool according to a timestamp-based discrete selection model, and the user public key is computed from the master key submitted by a container member. The supervision center opens the ring signature with the supervision private key and extracts mes from the ring signature to compute the receiver address, which realizes supervision, and the traceable key image can be traced back to the transaction sender.
As a preferred scheme of the parallel supervisable identity privacy protection method of the invention: the supervision node maintains a key pool and prevents leakage of the supervision key fragments by selecting the key set with a timestamp-based discrete selection model. Adding the timestamp makes every result of the discrete selection model one-time, so even a leak does not affect the next round of mixing. The timestamp-based discrete selection model is as follows:
where e is the base of the natural logarithm; the other symbols denote the timestamp, a supervision key fragment in the key pool, and the number of supervision keys in the key pool.
The beneficial effects of the invention are as follows: being based on a credit threshold, the method reduces the ring signature length and the number of signing rounds, improves the privacy of the transaction sender's assets and of the transaction amount through group cooperative commitments and identity obfuscation, and protects the receiver's privacy by generating a hidden address for the receiver. Compared with ring confidential transactions, the credit-threshold ring signature scheme can increase mixing speed, reduce latency, and reduce the mixing cost and signature length. Supervision nodes are elected secretly through the multi-round sorting encrypted lottery mechanism, and a traceable key image is generated to ensure that transactions can be supervised and the identities of both parties to a transaction can be traced.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the description of the embodiments will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art. Wherein:
Fig. 1 is a schematic flow chart of a parallel supervisable identity privacy protection method according to an embodiment of the invention.
Fig. 2 is a block diagram of the overall parallel supervisable identity privacy protection method according to an embodiment of the present invention.
Fig. 3 is a schematic diagram of a parallel supervisable identity privacy protection method according to an embodiment of the present invention.
Description of the embodiments
So that the manner in which the above recited objects, features and advantages of the present invention can be understood in detail, a more particular description of the invention, briefly summarized above, may be had by reference to the embodiments, some of which are illustrated in the appended drawings. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention, but the present invention may be practiced in other ways other than those described herein, and persons skilled in the art will readily appreciate that the present invention is not limited to the specific embodiments disclosed below.
Further, reference herein to "one embodiment" or "an embodiment" means that a particular feature, structure, or characteristic can be included in at least one implementation of the invention. The appearances of the phrase "in one embodiment" in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments.
While the embodiments of the present invention have been illustrated and described in detail in the drawings, the cross-sectional view of the device structure is not to scale in the general sense for ease of illustration, and the drawings are merely exemplary and should not be construed as limiting the scope of the invention. In addition, the three-dimensional dimensions of length, width and depth should be included in actual fabrication.
Also in the description of the present invention, it should be noted that the orientation or positional relationship indicated by the terms "upper, lower, inner and outer", etc. are based on the orientation or positional relationship shown in the drawings, are merely for convenience of describing the present invention and simplifying the description, and do not indicate or imply that the apparatus or elements referred to must have a specific orientation, be constructed and operated in a specific orientation, and thus should not be construed as limiting the present invention. Furthermore, the terms "first, second, or third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
The terms "mounted, connected, and coupled" should be construed broadly in this disclosure unless otherwise specifically indicated and defined, such as: can be fixed connection, detachable connection or integral connection; it may also be a mechanical connection, an electrical connection, or a direct connection, or may be indirectly connected through an intermediate medium, or may be a communication between two elements. The specific meaning of the above terms in the present invention will be understood in specific cases by those of ordinary skill in the art.
Example 1
Referring to Fig. 1, a first embodiment of the present invention provides a parallel supervisable identity privacy protection method, including:
S1: A credit value network is constructed from the network nodes, a credit weight election algorithm is constructed, and the network nodes that meet the requirements are selected to form a mixing container.
Further, the credit weight election algorithm determines a credit weight from the credit values of the nodes participating in transaction distribution in the network, using an improved Pearson correlation function in three-dimensional Euclidean space, and uses the credit weight to elect nodes. The credit weight is calculated as follows:
where α is the node credit value, n is the number of members, β is the user asset, δ is the sample Pearson coefficient, and μ is a correlation coefficient determined by the size of the mixing container; the formula also uses the credit value of node i and the improved Pearson correlation function. The reliability of a supervision node elected according to the credit weight is positively correlated with actual network activity.
S2: A multi-round sorting encrypted lottery mechanism is designed to elect the supervision nodes, and the candidate nodes are sorted over multiple rounds according to the generated credit weights.
Further, the multi-round sorting encrypted lottery encrypts the election result with a result matrix encryption algorithm after each round of sorting by the generated credit weights. The result matrices in the result matrix encryption algorithm are described as follows:
First-round matrix:
Matrix for the subsequent rounds:
where λ is a pseudo-random number, det is the matrix determinant, and m is the election round; the remaining symbol denotes a credit weight.
S3: The supervision center node initializes the mixing container, and the transaction sender generates a supervisable hidden address for the receiver.
Further, the hidden address is generated by a credit model based on a covariance matrix, so that the receiver's real public and private keys are not exposed.
S4: A ring signature scheme based on a credit threshold is constructed.
Still further, unlike a ring signature scheme of fixed linear size, the ring signature scheme based on the credit threshold accumulates the credit weights of the signing members during signing and stops signing once the credit threshold of the mixing container is reached. The transaction sender can hide within a group of senders, a malicious node cannot distinguish the real sender, and the ring signature length and the number of signing rounds are reduced.
It should be noted that the ring signature scheme based on the credit threshold further includes a commit phase and a verification phase.
Still further, in the commit phase the hidden address is generated from the public parameters and the ring signature generation function is invoked to generate and publish a ring signature.
It should be noted that, in the verification phase, the verifier finds the shared message submitted by the initiator by searching the published ring signatures and uses its key for further verification; if verify executes successfully, the verifier publishes the ring signature, signed over the initiator's signature. When the total credit value carried by a signature reaches the credit threshold, the ring signature refuses further signing.
S5: a group cooperative commitment is made, and a decentralized blind factor is added.
Further, generating the group collaborative promise includes fragmenting the transaction amount, wherein the number of fragments is equal to the number of members, each member generates a promise fragment according to the fragments and the credit weight of the member, and submitting the promise fragment to the supervision node to generate a final promise.
It should be noted that the group cooperative promise is generated according to the co-cooperation of the members in the hybrid container, and the transaction amount is regenerated by the members based on the credit weight generated by the credit weight generation algorithm.
Further, the blind factors are generated by members in a scattered manner, and when part of the blind factors are leaked, the actual transaction amount cannot be obtained.
It should be noted that the generation process of the group cooperative promise C is as follows:
wherein V is i Is the sharded amount to be promised, r i Is a random number generated by the confusing container member, i+1 is less than or equal to m, G is a base point of an elliptic curve, H is a point in a circulation group,is a supervision key fragment in the key pool.
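The aggregation in S5, sketched as an added example that is not code from the patent: since the commitment formula is not reproduced on this page, it assumes the standard Pedersen form r_i·G + V_i·H on Ed25519 and leaves out the credit weight and supervision key fragment terms. The additive sharding rule, the generator label and all function names are made up for illustration; it shows that the summed fragments open to the full amount, and that stripping all but one blinding factor still does not expose the amount.

```python
import hashlib
import secrets

# Ed25519 parameters (the curve named in step s6 of the page).
P = 2**255 - 19                                        # field prime
L = 2**252 + 27742317777372353535851937790883648493    # prime order of the base-point subgroup
D = -121665 * pow(121666, -1, P) % P                   # Edwards constant d
IDENTITY = (0, 1)

def recover_x(y):
    """Even x such that (x, y) lies on -x^2 + y^2 = 1 + d*x^2*y^2, or None."""
    xx = (y * y - 1) * pow(D * y * y + 1, -1, P) % P
    x = pow(xx, (P + 3) // 8, P)
    if (x * x - xx) % P:
        x = x * pow(2, (P - 1) // 4, P) % P
    if (x * x - xx) % P:
        return None
    return x if x % 2 == 0 else P - x

def add(a, b):
    """Complete twisted-Edwards addition in affine coordinates."""
    (x1, y1), (x2, y2) = a, b
    t = D * x1 * x2 * y1 * y2 % P
    x3 = (x1 * y2 + x2 * y1) * pow((1 + t) % P, -1, P) % P
    y3 = (y1 * y2 + x1 * x2) * pow((1 - t) % P, -1, P) % P
    return (x3, y3)

def neg(a):
    """Negation of an Edwards point: flip the sign of x."""
    return ((-a[0]) % P, a[1])

def mul(k, a):
    """Double-and-add scalar multiplication (not constant time; illustration only)."""
    acc = IDENTITY
    while k:
        if k & 1:
            acc = add(acc, a)
        a = add(a, a)
        k >>= 1
    return acc

def hash_to_point(label):
    """Derive a subgroup point whose discrete log relative to G is unknown."""
    ctr = 0
    while True:
        y = int.from_bytes(hashlib.sha256(label + bytes([ctr])).digest(), "little") % P
        x = recover_x(y)
        if x is not None:
            pt = mul(8, (x, y))              # clear the cofactor
            if pt != IDENTITY:
                return pt
        ctr += 1

_BY = 4 * pow(5, -1, P) % P
G = (recover_x(_BY), _BY)                    # standard Ed25519 base point
H = hash_to_point(b"constructed-example-H")  # second generator (label is a made-up value)

def commit(value, blind):
    """Pedersen commitment blind*G + value*H (assumed form, see the lead-in)."""
    return add(mul(blind % L, G), mul(value % L, H))

def shard_amount(total, n):
    """Split `total` into n additive shards modulo L (constructed sharding rule)."""
    shards = [secrets.randbelow(L) for _ in range(n - 1)]
    shards.append((total - sum(shards)) % L)
    return shards

def aggregate(fragments):
    """The supervision node's step: add up the members' commitment fragments."""
    total = IDENTITY
    for frag in fragments:
        total = add(total, frag)
    return total

def search_amount(c, known_blind_sum, max_amount):
    """Strip the known blinding from c, then look for a small v with v*H left over."""
    target = add(c, neg(mul(known_blind_sum % L, G)))
    cand = IDENTITY
    for v in range(max_amount + 1):
        if cand == target:
            return v
        cand = add(cand, H)
    return None

def demo(total=725, members=4, max_amount=1000):
    shards = shard_amount(total, members)
    blinds = [secrets.randbelow(L) for _ in range(members)]   # one per member
    c = aggregate(commit(v, r) for v, r in zip(shards, blinds))
    return {
        "opens": c == commit(total, sum(blinds)),
        "all_blinds": search_amount(c, sum(blinds), max_amount),
        "one_missing": search_amount(c, sum(blinds[:-1]), max_amount),
    }

if __name__ == "__main__":
    print(demo())
```

With every blinding factor known the amount falls out of a short search, which is why the page has each member generate its own factor; with a single member's factor withheld the same search finds nothing.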
S6: The mixing container is unlocked, the container is monitored in the blockchain network with an observation algorithm, and, after the container passes a verification algorithm, the transaction is packaged onto the chain.
Furthermore, the mixing container is unlocked after all members of the constructed mixing container have carried out the credit-threshold ring signature process and verification of the generated signatures is complete; miners monitor the container in the blockchain network with an observation algorithm and, after verifying the container with the verification algorithm, package the transaction onto the chain; and the supervision node supervises the transaction through a traceable key image.
It should be noted that the traceable key image is generated by combining the user public key with a supervision node key fragment. The supervision key fragment is generated in the key pool according to a timestamp-based discrete selection model, and the user public key is computed from the master key submitted by a container member. The supervision center opens the ring signature with the supervision private key and extracts mes from the ring signature to compute the receiver address, which realizes supervision, and the traceable key image can be traced back to the transaction sender.
Furthermore, the supervision node maintains a key pool and prevents leakage of the supervision key fragments by selecting the key set with a timestamp-based discrete selection model. Adding the timestamp makes every result of the discrete selection model one-time, so even a leak does not affect the next round of mixing. The timestamp-based discrete selection model is as follows:
where e is the base of the natural logarithm; the other symbols denote the timestamp, a supervision key fragment in the key pool, and the number of supervision keys in the key pool.
Example 2
Referring to Fig. 2, one embodiment of the present invention provides a parallel supervisable identity privacy protection method, and its beneficial effects are verified through experiments. The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings.
s1: The sender and the receiver each hold a public and private key pair. The sender generates a random number r.
s2: A user may choose to be the verifier of a transaction or the initiator of a mixing transaction. The initiator submits a tuple and the verifier submits a tuple, whose fields include the transaction fee, the script returned on failure, the timestamp TS, the cooperative commitment script, the lock time lock_time, and the lower bound on the anonymity of the mixing container.
s3: Under the new credit weight election algorithm, the probability of being elected as a supervision node is positively related to assets and credit value. The election is carried out as an encrypted lottery, and the lottery must be redrawn after each vote. The supervision center assigns t (t ≥ 1) supervision nodes to the mixing container and adds them to it.
s4: When the mixing container reaches the lower limit on the number of participants, the supervision node in the container seals the container with a timestamp.
s5: A supervision public key is distributed to the supervision nodes. The supervision node initializes the public parameters, generates a public and private key pair for each node in the container from the supervision public key and the node public key, and sends it to each node over a secure channel.
s6: The sender generates the receiver's one-time address with its private key, where G is a point on the Ed25519 elliptic curve.
s7: The mixing container publishes the public keys of all n participants (n > 2).
s8: The ring signature function is invoked. The initiator generates the ring signature with its private key and encrypts it with the public key of the specified verifier. mes contains the randomly generated blinding factors and the scripts.
s9: Verifier i decrypts with its private key, verifies the correctness of mes (that is, the transaction amount), and invokes the ring signature verification function.
s10: If verification passes, the verifier encrypts the ring signature with its own private key, then repackages and publishes it. Once all verifications agree, σ is automatically submitted to the supervision center; otherwise the punishment stage is entered.
s11: If b is not equal to 1 or verification of mes fails, the mixing transaction container is recorded, 10% of the transaction amount is deducted, and the node's credit value is reduced.
s12: Once every σ in the container has passed verification, the supervision node unlocks the container. If a malicious node does not verify a signature, the signature is verified by other honest nodes, so the transaction does not stall because a small number of malicious nodes obstruct mixing.
s13: Miner nodes verify the container in the blockchain network and check whether the container header is complete; if the number of participants in the header is below the constraint, the miner discards it.
s14: the integrity of the container is checked. By default the header is complete, miners check the status of the package and if it is unlocked they will check if the number of input scripts is equal to the cardinality of the container node. If not, they will only record the header on the block. The mineworker does not simply record the header to more quickly resolve the hash problem. The reason is that only the header packet is less transacted than the complete packet, so that a rational mineworker does not discard the complete packet. Furthermore, there is a branch selection function f (t, μ) in the consensus that is positively correlated with the completeness μ, rather than the longest-chain selection strategy. Honest miners tend to attach their blocks after blocks that have a more complete packet in the same time period.
s15: the validity of the container is checked. Miners verify that the inputs and outputs meet all of the containers recorded on the block, otherwise, only the container header is recorded on the block, and the inputs and outputs meet. For multiple inputs->And a plurality of outputs->(i,j>=1) satisfy:
wherein H is the elliptic curve generator satisfyingY is the one-time public key address generated in step s 1.
s16: the supervision center opens signature to extract the public key of the receiver and obtain the public key through the traceability key mirror imageThe true identity of the recipient and the transaction amount are obtained. Present syndrome of presenceThe method is as follows: wherein->Is a manageable hidden address generated by the sender for the receiver,>for the public key of the receiver->For the private key of the receiver->For sender private key, ++>For the supervision key segment of the supervision node, randomly selecting the generator G +.>,/>Is generated by isomorphic mapping->Randomly select->Andlet->
Sender address:
is known to beThen
Address of the receiving party:
In the coin-mixing process, the time consists of initialization, signature generation and signature verification. According to the logarithmic calculation time and the power calculation time required by the Monero mixing scheme, a simulation of the two signature schemes was written in C++, and the computation time required by the Monero mixing process and by this scheme was measured on a computer with an i7-6700 processor running Windows 11. The comparison results are shown below:
Table 1. Coin-mixing time comparison (unit: milliseconds)
Number of mixed coins N | 104 | 385 | 976 | 1273 | 1653 | 1847
Monero | 146.8 | 151.2 | 163.4 | 178.2 | 185.9 | 192.1
This scheme | 148.3 | 151.4 | 163.2 | 176.7 | 183.6 | 191.8
As can be seen from the execution times of the simulation, the mixing time of this scheme is equivalent to that of Monero when the number N of mixed coins is smaller than 976. As the number of mixed coins increases, this scheme performs well, and its advantage grows further as the number of mixed coins increases.
Meanwhile, in the coin-mixing process, the ring signature generated by this scheme is effectively smaller than the signatures generated by other schemes, which saves storage space. In a ring signature scheme based on PKI (public key infrastructure), the signature size is related to the ring size in pairs. The comparison of the signature scheme in Monero's RingCT 3.0, the Triptych signature scheme and the present scheme is shown in Fig. 3. The results show that our signature can be reduced by 70% relative to Triptych and 7% relative to the signature scheme in RingCT 3.0 when the ring size is greater than 2.
The invention relates to a parallel supervision identity privacy protection method. It provides a ring signature method based on a credit threshold, which reduces the ring signature length and the number of signature rounds, improves the privacy of the transaction sender's assets and transaction amounts through group cooperative commitment and identity confusion, and protects the privacy of the receiver by generating a hidden address for the receiver. The method first constructs a credit value network from the network nodes, constructs a credit weight election algorithm, and selects network nodes meeting the requirements to form a mixed container. A multi-round sorting encryption lottery mechanism is designed to elect the supervision nodes, and the candidate nodes are sorted over multiple rounds according to the generated credit weight. The supervision center node initializes the mixed container, and the transaction sender generates a supervisable hidden address for the receiver. A ring signature scheme based on a credit threshold is constructed, a group cooperative commitment is provided, and scattered blind factors are added. The mixed container is then unlocked, miners monitor the container in the blockchain network through an observation algorithm, and the transaction is packaged onto the chain after the container has been verified by a verification algorithm.
It should be noted that the above embodiments are only for illustrating the technical solution of the present invention and not for limiting the same, and although the present invention has been described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that the technical solution of the present invention may be modified or substituted without departing from the spirit and scope of the technical solution of the present invention, which is intended to be covered in the scope of the claims of the present invention.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein. The solutions in the embodiments of the present application may be implemented in various computer languages, for example, the object-oriented programming language Java and the interpreted scripting language JavaScript.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various modifications and variations can be made in the present application without departing from the spirit or scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims and the equivalents thereof, the present application is intended to cover such modifications and variations.

Claims (7)

1. A parallel supervision identity privacy protection method, characterized by comprising the following steps:
constructing a credit value network through network nodes, constructing a credit weight election algorithm, and selecting network nodes meeting the requirements to form a hybrid container;
selecting supervisory nodes by a multi-round sorting encryption lottery mechanism, and sorting the nodes to be selected for multiple rounds according to the generated credit weight;
the supervision center node initializes the mixed container, and the transaction sender generates a supervision hidden address for the receiver;
constructing a ring signature scheme based on a credit threshold;
the ring signature scheme based on the credit threshold comprises that the ring signature scheme based on the credit threshold is different from the ring signature scheme with fixed linear size, the credit weight of signature members is accumulated in the signature process, the signature is stopped after the credit threshold of a mixed container is reached, transaction senders can be hidden in a group of senders, malicious nodes can not distinguish real senders, and the ring signature length and the number of signature rounds are reduced;
the ring signature scheme based on the credit threshold value further comprises a submitting stage and a verifying stage;
generating a hidden address through public parameters, calling a ring signature generation function to generate and issue a ring signature;
the verification stage comprises the steps that a shared message submitted by an initiator is searched through searching a published ring signature, the verifier uses a secret key to further verify, if the verify can be successfully operated, the verifier issues the ring signature signed by the signature of the initiator, and when the credit total value carried by a certain signature reaches a credit threshold, the ring signature refuses to accept the re-signature;
providing a group cooperative commitment, and adding a scattered blind factor;
the method comprises the steps that the transaction amount is divided into pieces, the number of the pieces is equal to that of members, each member generates a commitment piece according to the pieces and the credit weight of the member, and the commitment piece is submitted to a supervision node to generate a final commitment;
the group cooperative promise is generated according to the co-cooperation of the members in the mixed container, and the transaction amount is regenerated by the members according to the credit weight generated by the credit weight generation algorithm as a basis;
the blind factors are generated by members in a scattered way, and when part of the blind factors are leaked, the actual transaction amount cannot be obtained;
the generation process of the group cooperative promise C is as follows:
$$C(p_1) = r_1 \cdot G + v_1 \cdot H$$
……
$$C(p_i) = r_i \cdot G + v_i \cdot H$$
$$C(p_{i+1}) = r_{i+1} \cdot G + v_{i+1} \cdot H$$
$$C(p_i + p_{i+1}) = (r_i + r_{i+1}) \cdot G + (v_i + v_{i+1}) \cdot H$$
wherein v_i is the sharded amount to be committed, r_i is a random number generated by a mixed container member, i+1 ≤ m, G is the base point of the elliptic curve, and H is a point in the cyclic group;
unlocking the mixed container, monitoring the container in the blockchain network through an observation algorithm, and packaging and trading uplink after verifying the container through a verification algorithm.
2. The parallel supervision identity privacy protection method of claim 1, characterized in that: the credit weight election algorithm comprises determining a credit weight from the credit values of the nodes participating in transaction allocation in the network, using an improved Pearson correlation function in three-dimensional Euclidean space, and using the credit weight for electing nodes, wherein the credit weight calculation formula is as follows:
where α is the node credit value, α_i is the credit value of node i, n is the number of members, β is the user asset, e'(α, β) is the modified Pearson correlation function, δ is the sample Pearson coefficient, and μ is a correlation coefficient determined according to the size of the mixed container; the reliability of the supervision node elected according to the credit weight is positively correlated with the actual network activity.
3. The parallel supervision identity privacy protection method of claim 2, characterized in that: the multi-round sorting encryption lottery comprises encrypting the election result through a result matrix encryption algorithm after each round of sorting based on the generated credit weight, and the result matrix in the result matrix encryption algorithm is described as follows:
first round matrix:
first, theWheel matrix: />
Where λ is a pseudo-random number, det is a matrix determinant, and m is an election round number.
4. The parallel supervision identity privacy protection method of claim 3, characterized in that: the hidden address is generated by a credit model based on a covariance matrix, so that the true public and private keys of the receiver are not exposed.
5. The parallel supervision identity privacy protection method of claim 4, characterized in that: said unlocking of the mixed container comprises,
in the constructed hybrid container, after the ring signature process based on the credit threshold is executed and the generated signature verification is completed, all members unlock the container, miners monitor the container in the blockchain network through an observation algorithm, package the transaction for linking after verifying the container through a verification algorithm, and a supervision node supervises the transaction through a traceable key mirror image.
6. The parallel supervision identity privacy protection method of claim 5, characterized in that: the traceable key mirror image includes,
the traceability key mirror image is generated by combining a user public key and a supervision node key fragment, wherein the supervision key fragment is generated in a key pool according to a discrete selection model based on a time stamp, the user public key is calculated through a master key submitted by a container member, the supervision center opens a ring signature through a supervision private key, mes in the ring signature is extracted to calculate a receiver address so as to realize supervision, and the traceability key mirror image can be traced to a transaction sender.
7. The parallel supervision identity privacy protection method of claim 6, characterized in that: the supervision node maintains a key pool, and leakage of the supervision key fragment is prevented by selecting a key set through a discrete selection model based on a timestamp; adding the timestamp makes the result of the discrete selection model always one-time, so that the next mixing is not affected even if the result is leaked, and the discrete selection model based on the timestamp is as follows:
wherein e is the natural logarithm of,is a time stamp, P i The policing key segments in the key pool, k being the policing key number in the key pool.
CN202310287885.7A 2023-03-23 2023-03-23 Parallel supervision identity privacy protection method Active CN116032661B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310287885.7A CN116032661B (en) 2023-03-23 2023-03-23 Parallel supervision identity privacy protection method

Publications (2)

Publication Number Publication Date
CN116032661A CN116032661A (en) 2023-04-28
CN116032661B true CN116032661B (en) 2023-08-08

Family

ID=86076189

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310287885.7A Active CN116032661B (en) 2023-03-23 2023-03-23 Parallel supervision identity privacy protection method

Country Status (1)

Country Link
CN (1) CN116032661B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117455488A (en) * 2023-11-13 2024-01-26 电子科技大学 Threshold supervision method for privacy protection cryptocurrency

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101771677A (en) * 2008-12-31 2010-07-07 华为技术有限公司 Method for providing resource for access user, server and system thereof
CN102377565A (en) * 2010-08-06 2012-03-14 陈国敏 Linkable ring signature method based on appointed verifier
CN102594844A (en) * 2012-03-29 2012-07-18 杨涛 Privacy protection and authentication system based on digital re-signature and traceability technology
CN104184724A (en) * 2014-07-29 2014-12-03 江苏大学 Location privacy based ring signature method in Internet of vehicles
CN109802956A (en) * 2019-01-02 2019-05-24 西安邮电大学 Vehicle-mounted net anonymous authentication system and method based on ring signatures, vehicle communication platform
CN111988147A (en) * 2020-08-20 2020-11-24 上海万向区块链股份公司 Combined signature and signature verification method, system and storage medium
CN113761582A (en) * 2021-09-29 2021-12-07 山东省计算中心(国家超级计算济南中心) Group signature based method and system for protecting privacy of block chain transaction under supervision

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20140108749A (en) * 2013-02-27 2014-09-15 한국전자통신연구원 Apparatus for generating privacy-protecting document authentication information and method of privacy-protecting document authentication using the same
WO2019108128A1 (en) * 2017-11-30 2019-06-06 Agency For Science, Technology And Research Privacy preserving ip traceback using group signature

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
《基于支持向量机的P2P流量识别关键技术研究》;宫婧;《信息科技》(第2019年第08期);全文 *

Also Published As

Publication number Publication date
CN116032661A (en) 2023-04-28

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant